Bug 1186693

Summary: [amqp1.0] Abort after uncaught UnknownExchangeTypeException
Product: Red Hat Enterprise MRG Reporter: Petr Matousek <pematous>
Component: qpid-cppAssignee: Gordon Sim <gsim>
Status: CLOSED ERRATA QA Contact: Petr Matousek <pematous>
Severity: high Docs Contact:
Priority: high    
Version: DevelopmentCC: gsim, iboverma, jross, vkaigoro, zkraus
Target Milestone: 3.1   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: qpid-cpp-0.30-6 Doc Type: Bug Fix
Doc Text:
It was discovered that the QPID Broker aborted with an uncaught UnknownExchangeTypeException when the client attempted to request an unsupported exchange type. The code for the Exchange Registry and Node Policy has been improved to prevent this issue from happening again.
 Story Points: ---
Clone Of:
: 1186694 (view as bug list) Environment:
Last Closed: 2015-04-14 13:48:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1186694    

Description Petr Matousek 2015-01-28 10:22:34 UTC 
Description of problem:

Broker aborts after uncaught UnknownExchangeTypeException when create of  unsupported exchange type is requested by the client.

This issue is only valid for amqp1.0, amqp0-10 path does not suffer from that.

Version-Release number of selected component (if applicable):
qpid-cpp-*-0.30-5.el6.x86_64

How reproducible:
100%

Steps to Reproduce:
1. ./drain --connection-options "{protocol:amqp1.0}" -a "my-Exchange;{node:{type:topic,properties:{exchange-type:BADTYPE}},create:always}"
OR
$cppapi/drain --connection-options "{protocol:amqp1.0}" "my-Exchange;{node:{x-declare:{type:BADTYPE},type:topic},create:always}"
2. Broker is aborted after uncaught UnknownExchangeTypeException

Actual results:
Broker aborts after uncaught UnknownExchangeTypeException.

Expected results:
No abort after UnknownExchangeTypeException.

Additional info:

Core was generated by `qpidd'.
Program terminated with signal 6, Aborted.
#0  0x0000003d0b232625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64	  return INLINE_SYSCALL (tgkill, 3, pid, selftid, sig);
(gdb) info threads
  4 Thread 0x7fdc7735b700 (LWP 20069)  0x0000003d0b2e8ef3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
  3 Thread 0x7fdc79714700 (LWP 20067)  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239
  2 Thread 0x7fdc77d5c700 (LWP 20068)  0x0000003d0b2e8ef3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
* 1 Thread 0x7fdc7c7337a0 (LWP 20066)  0x0000003d0b232625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
(gdb) t a a bt

Thread 4 (Thread 0x7fdc7735b700 (LWP 20069)):
#0  0x0000003d0b2e8ef3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
#1  0x0000003d13758adb in qpid::sys::Poller::wait (this=0x1b440a0, timeout=...) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/epoll/EpollPoller.cpp:566
#2  0x0000003d13759187 in qpid::sys::Poller::run (this=0x1b440a0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/epoll/EpollPoller.cpp:518
#3  0x0000003d1374d75a in qpid::sys::(anonymous namespace)::runRunnable (p=<value optimized out>) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/posix/Thread.cpp:35
#4  0x0000003d0b6079d1 in start_thread (arg=0x7fdc7735b700) at pthread_create.c:301
#5  0x0000003d0b2e88fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 3 (Thread 0x7fdc79714700 (LWP 20067)):
#0  pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239
#1  0x0000003d137bd659 in wait (this=0x1b47840) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/posix/Condition.h:65
#2  wait (this=0x1b47840) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/Monitor.h:45
#3  qpid::sys::Timer::run (this=0x1b47840) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/Timer.cpp:186
#4  0x0000003d1374d75a in qpid::sys::(anonymous namespace)::runRunnable (p=<value optimized out>) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/posix/Thread.cpp:35
#5  0x0000003d0b6079d1 in start_thread (arg=0x7fdc79714700) at pthread_create.c:301
#6  0x0000003d0b2e88fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 2 (Thread 0x7fdc77d5c700 (LWP 20068)):
#0  0x0000003d0b2e8ef3 in epoll_wait () at ../sysdeps/unix/syscall-template.S:82
#1  0x0000003d13758adb in qpid::sys::Poller::wait (this=0x1b440a0, timeout=...) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/epoll/EpollPoller.cpp:566
#2  0x0000003d13759187 in qpid::sys::Poller::run (this=0x1b440a0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/epoll/EpollPoller.cpp:518
#3  0x0000003d1374d75a in qpid::sys::(anonymous namespace)::runRunnable (p=<value optimized out>) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/posix/Thread.cpp:35
#4  0x0000003d0b6079d1 in start_thread (arg=0x7fdc77d5c700) at pthread_create.c:301
#5  0x0000003d0b2e88fd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115

Thread 1 (Thread 0x7fdc7c7337a0 (LWP 20066)):
#0  0x0000003d0b232625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000003d0b233e05 in abort () at abort.c:92
#2  0x0000003d0dabea7d in __gnu_cxx::__verbose_terminate_handler () at ../../../../libstdc++-v3/libsupc++/vterminate.cc:93
#3  0x0000003d0dabcbd6 in __cxxabiv1::__terminate (handler=<value optimized out>) at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:38
#4  0x0000003d0dabcc03 in std::terminate () at ../../../../libstdc++-v3/libsupc++/eh_terminate.cc:48
#5  0x0000003d0dabcd22 in __cxxabiv1::__cxa_throw (obj=0x1be9830, tinfo=0x3d0cfdf490, dest=0) at ../../../../libstdc++-v3/libsupc++/eh_throw.cc:86
#6  0x0000003d0cc7fcf4 in qpid::broker::ExchangeRegistry::declare (this=0x1b47258, name="my-Exchange", type="BADTYPE", durable=false, autodelete=false, args=..., alternate=..., connectionId=
    "qpid.127.0.0.1:5672-127.0.0.1:40301", userId="anonymous") at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/ExchangeRegistry.cpp:75
#7  0x0000003d0cbf5e10 in qpid::broker::Broker::createExchange (this=0x1b46fb0, name="my-Exchange", type="BADTYPE", durable=false, autodelete=false, alternateExchange="", arguments=..., userId="anonymous", 
    connectionId="qpid.127.0.0.1:5672-127.0.0.1:40301") at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/Broker.cpp:1517
#8  0x00007fdc7c4ece29 in qpid::broker::amqp::Session::resolve (this=0x1bcc790, name="my-Exchange", terminus=<value optimized out>, incoming=false)
    at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Session.cpp:259
#9  0x00007fdc7c4f01b3 in qpid::broker::amqp::Session::setupOutgoing (this=0x1bcc790, link=0x1bca8c0, source=0x1bca9c8, name="my-Exchange") at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Session.cpp:445
#10 0x00007fdc7c4f3e50 in qpid::broker::amqp::Session::attach (this=0x1bcc790, link=0x1bca8c0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Session.cpp:383
#11 0x00007fdc7c4a88c8 in qpid::broker::amqp::Connection::process (this=0x1bb3008) at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Connection.cpp:283
#12 0x00007fdc7c4a6a1b in qpid::broker::amqp::Connection::decode (this=0x1bb3008, buffer=<value optimized out>, size=<value optimized out>)
    at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Connection.cpp:127
#13 0x00007fdc7c4e34f9 in qpid::broker::amqp::Sasl::decode (this=0x1bb2fb0, buffer=<value optimized out>, size=249) at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/amqp/Sasl.cpp:49
#14 0x0000003d137b3e30 in qpid::sys::AsynchIOHandler::readbuff (this=0x1bb4580, buff=0x1bb4430) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/AsynchIOHandler.cpp:135
#15 0x0000003d137335de in operator() (this=0x1bb6510, h=...) at /usr/include/boost/function/function_template.hpp:1013
#16 qpid::sys::posix::AsynchIO::readable (this=0x1bb6510, h=...) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/posix/AsynchIO.cpp:453
#17 0x0000003d137b86f3 in boost::function1<void, qpid::sys::DispatchHandle&>::operator() (this=<value optimized out>, a0=<value optimized out>) at /usr/include/boost/function/function_template.hpp:1013
#18 0x0000003d137b7386 in qpid::sys::DispatchHandle::processEvent (this=0x1bb6518, type=qpid::sys::Poller::READABLE) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/DispatchHandle.cpp:280
#19 0x0000003d137591ad in process (this=0x1b440a0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/Poller.h:131
#20 qpid::sys::Poller::run (this=0x1b440a0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/sys/epoll/EpollPoller.cpp:522
#21 0x0000003d0cbfb121 in qpid::broker::Broker::run (this=0x1b46fb0) at /usr/src/debug/qpid-cpp-0.30/src/qpid/broker/Broker.cpp:515
---Type <return> to continue, or q <return> to quit---
#22 0x0000000000404a76 in qpid::broker::QpiddBroker::execute (this=<value optimized out>, options=<value optimized out>) at /usr/src/debug/qpid-cpp-0.30/src/posix/QpiddBroker.cpp:214
#23 0x0000000000407f27 in qpid::broker::run_broker (argc=1, argv=0x7fffc158ddb8, hidden=<value optimized out>) at /usr/src/debug/qpid-cpp-0.30/src/qpidd.cpp:108
#24 0x0000003d0b21ed5d in __libc_start_main (main=0x4041d0 <main(int, char**)>, argc=1, ubp_av=0x7fffc158ddb8, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, 
    stack_end=0x7fffc158dda8) at libc-start.c:226
#25 0x0000000000404109 in _start ()
Comment 1 Gordon Sim 2015-01-28 11:55:43 UTC 
Fixed upstream by https://svn.apache.org/viewvc?view=revision&revision=1626206
Comment 2 Vasyl Kaigorodov 2015-02-03 14:49:54 UTC 
Gordon, am I right that mrg-m-3.0 is not affected by this?
Comment 3 Gordon Sim 2015-02-03 21:50:08 UTC 
(In reply to Vasyl Kaigorodov from comment #2)
> Gordon, am I right that mrg-m-3.0 is not affected by this?

No, I believe it will be affected by this. Certainly 0.22-mrg is affected.
Comment 5 Petr Matousek 2015-02-09 17:40:21 UTC 
This issue has been fixed. Verified on rhel6.6 (x86_64 and i386)

Packages:
qpid-cpp-*-0.30-6

-> VERIFIED
Comment 8 errata-xmlrpc 2015-04-14 13:48:54 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2015-0805.html